1
22
23 package com.liferay.portlet.enterpriseadmin.action;
24
25 import com.liferay.portal.kernel.log.Log;
26 import com.liferay.portal.kernel.log.LogFactoryUtil;
27 import com.liferay.portal.kernel.servlet.SessionErrors;
28 import com.liferay.portal.kernel.util.ParamUtil;
29 import com.liferay.portal.security.auth.PrincipalException;
30 import com.liferay.portal.security.permission.PermissionChecker;
31 import com.liferay.portal.servlet.PortalSessionContext;
32 import com.liferay.portal.struts.PortletAction;
33 import com.liferay.portal.theme.ThemeDisplay;
34 import com.liferay.portal.util.WebKeys;
35
36 import javax.portlet.ActionRequest;
37 import javax.portlet.ActionResponse;
38 import javax.portlet.PortletConfig;
39 import javax.portlet.RenderRequest;
40 import javax.portlet.RenderResponse;
41
42 import javax.servlet.http.HttpSession;
43
44 import org.apache.struts.action.ActionForm;
45 import org.apache.struts.action.ActionForward;
46 import org.apache.struts.action.ActionMapping;
47
48
53 public class EditSessionAction extends PortletAction {
54
55 public void processAction(
56 ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
57 ActionRequest actionRequest, ActionResponse actionResponse)
58 throws Exception {
59
60 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
61 WebKeys.THEME_DISPLAY);
62
63 PermissionChecker permissionChecker =
64 themeDisplay.getPermissionChecker();
65
66 if (!permissionChecker.isOmniadmin()) {
67 SessionErrors.add(
68 actionRequest, PrincipalException.class.getName());
69
70 setForward(actionRequest, "portlet.enterprise_admin.error");
71
72 return;
73 }
74
75 invalidateSession(actionRequest);
76
77 sendRedirect(actionRequest, actionResponse);
78 }
79
80 public ActionForward render(
81 ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
82 RenderRequest renderRequest, RenderResponse renderResponse)
83 throws Exception {
84
85 return mapping.findForward(
86 getForward(renderRequest, "portlet.enterprise_admin.edit_session"));
87 }
88
89 protected void invalidateSession(ActionRequest actionRequest)
90 throws Exception {
91
92 String sessionId = ParamUtil.getString(actionRequest, "sessionId");
93
94 HttpSession userSession = PortalSessionContext.get(sessionId);
95
96 if (userSession != null) {
97 try {
98 if (!actionRequest.getPortletSession().getId().equals(
99 sessionId)) {
100
101 userSession.invalidate();
102 }
103 }
104 catch (Exception e) {
105 _log.error(e);
106 }
107 }
108 }
109
110 private static Log _log = LogFactoryUtil.getLog(EditSessionAction.class);
111
112 }